Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/OP9MfN6JDuf7xB8Kk1hH90AHgxU.roa
File: OP9MfN6JDuf7xB8Kk1hH90AHgxU.roa (raw, json)
Hash identifier: HK1eqnM0u2zkUXM/srKVBWppTj+0Fae3OhpwNK4r1HU=
Subject key identifier: 38:FF:4C:7C:DE:89:0E:E7:FB:C4:1F:0A:93:58:47:F7:40:07:83:15
Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Certificate serial: 0C05
Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/OP9MfN6JDuf7xB8Kk1hH90AHgxU.roa
Signing time: Sun 07 Feb 2021 06:44:41 +0000
ROA not before: Sun 07 Feb 2021 06:44:41 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 9919
IP address blocks: 211.78.128.0/19 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3077 (0xc05)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Validity
Not Before: Feb 7 06:44:41 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=38FF4C7CDE890EE7FBC41F0A935847F740078315
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:95:75:f2:f3:66:2b:a9:67:02:fb:7e:7b:bf:
8f:bb:42:34:9e:aa:9c:7d:34:5b:1d:68:1d:81:18:
b9:dc:11:12:e2:f1:e3:3e:2d:0f:4c:1a:77:db:ab:
d5:a2:04:85:e6:84:3f:0d:ab:56:b8:e4:ca:9d:c7:
7b:3d:e0:46:52:c7:30:b1:c0:ab:fd:3f:43:8d:6f:
38:22:fc:31:49:4f:b0:b9:25:cb:6d:cb:88:c9:a8:
e4:87:89:df:3c:02:75:bd:ff:25:1f:f3:38:69:47:
22:7b:bd:11:2a:20:4f:30:e4:e7:60:08:b0:0a:ae:
77:05:21:80:64:79:9c:dd:ad:01:94:1f:ec:47:d9:
71:05:0c:03:df:c4:31:5b:11:38:67:cc:0b:35:85:
dd:fa:98:8f:f7:a9:d1:25:8f:bd:a4:62:89:22:8b:
fb:99:00:6e:a4:d1:b0:29:0f:8e:b2:73:bd:9c:f3:
35:b9:a5:62:22:a8:c4:ed:b9:eb:67:c9:9d:0f:5c:
57:d4:f2:9f:cd:99:e3:e3:fa:34:a5:e6:0c:ae:27:
68:9c:c6:0c:53:4b:46:a2:f8:e0:f2:b2:96:1d:0c:
21:a0:bf:2f:51:66:03:71:17:bd:fd:0d:da:d8:38:
ec:e9:8e:d5:36:7a:d8:e7:dc:b1:22:63:a0:30:8e:
6b:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:FF:4C:7C:DE:89:0E:E7:FB:C4:1F:0A:93:58:47:F7:40:07:83:15
X509v3 Authority Key Identifier:
keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/OP9MfN6JDuf7xB8Kk1hH90AHgxU.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
211.78.128.0/19
Signature Algorithm: sha256WithRSAEncryption
23:e8:ce:e9:de:b9:c7:0c:e2:e9:a2:de:4a:83:d4:60:81:2f:
53:73:fd:f3:80:4e:d5:5b:2b:83:96:65:1a:c4:ae:d5:47:53:
4a:98:bf:6e:59:8f:ca:50:6a:82:62:39:40:89:c5:3c:16:6f:
52:04:42:ec:3a:a2:83:d8:f0:d8:35:31:57:03:2f:42:b0:bb:
15:08:82:ec:1d:57:25:71:c4:70:51:3a:54:04:28:de:aa:4e:
0b:4d:43:52:d1:6e:db:a0:0b:b3:a1:d7:ff:be:96:55:57:d1:
d4:33:b2:e2:bd:3d:e4:e1:02:60:06:af:af:05:57:38:bb:d9:
f3:80:45:41:9b:6e:66:a7:bf:04:cc:c8:70:ff:ba:88:c7:af:
9f:16:31:36:e7:7e:be:1c:7d:45:0a:13:ba:c9:3f:37:64:9e:
35:e0:f8:45:61:04:40:00:7d:ea:8a:ae:97:04:f0:8f:81:4e:
de:41:ad:f3:99:8d:3b:d6:54:fc:0b:c1:f5:8b:16:c8:36:a0:
7a:67:63:03:af:ba:3d:f6:41:cd:56:f3:80:7c:f5:14:f9:5a:
de:84:98:d5:5e:0c:b2:ec:64:87:7e:2f:cb:f0:90:97:e9:47:
3c:08:1d:f5:cb:2f:9d:cb:0c:e6:38:40:ad:92:1b:2f:f8:8f:
02:7d:62:06
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDAUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF
NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yMTAyMDcw
NjQ0NDFaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDM4RkY0QzdDREU4OTBF
RTdGQkM0MUYwQTkzNTg0N0Y3NDAwNzgzMTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDYlXXy82YrqWcC+357v4+7QjSeqpx9NFsdaB2BGLncERLi8eM+
LQ9MGnfbq9WiBIXmhD8Nq1a45Mqdx3s94EZSxzCxwKv9P0ONbzgi/DFJT7C5Jctt
y4jJqOSHid88AnW9/yUf8zhpRyJ7vREqIE8w5OdgCLAKrncFIYBkeZzdrQGUH+xH
2XEFDAPfxDFbEThnzAs1hd36mI/3qdElj72kYokii/uZAG6k0bApD46yc72c8zW5
pWIiqMTtuetnyZ0PXFfU8p/NmePj+jSl5gyuJ2icxgxTS0ai+ODyspYdDCGgvy9R
ZgNxF739DdrYOOzpjtU2etjn3LEiY6AwjmsPAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUOP9MfN6JDuf7xB8Kk1hH90AHgxUwHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu
MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i
dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvT1A5TWZONkpEdWY3eEI4S2sxaEg5
MEFIZ3hVLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBdNOgDAN
BgkqhkiG9w0BAQsFAAOCAQEAI+jO6d65xwzi6aLeSoPUYIEvU3P984BO1Vsrg5Zl
GsSu1UdTSpi/blmPylBqgmI5QInFPBZvUgRC7Dqig9jw2DUxVwMvQrC7FQiC7B1X
JXHEcFE6VAQo3qpOC01DUtFu26ALs6HX/76WVVfR1DOy4r095OECYAavrwVXOLvZ
84BFQZtuZqe/BMzIcP+6iMevnxYxNud+vhx9RQoTusk/N2SeNeD4RWEEQAB96oqu
lwTwj4FO3kGt85mNO9ZU/AvB9YsWyDagemdjA6+6PfZBzVbzgHz1FPla3oSY1V4M
suxkh34vy/CQl+lHPAgd9csvncsM5jhArZIbL/iPAn1iBg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:11 2023 by rpki-client on console-fra.rpki-client.org